Solved

SFTP through Cisco Pix on Non-standard port

Posted on 2008-06-24
3
1,149 Views
Last Modified: 2008-07-07
I configured an SFTP (openssh) server inside my network. It runs on port 3000 (for example).
I setup an access-list on the PIX to allow traffic on port 3000 to my server, but my test laptop on another network gets "connection refused" when trying to connect on that port.  I can see the hit-count increasing on that line of the access-list so I know the traffic is matching.

I think its a pix setting? Will the pix only allow SSH through on the standard port 22 ?

Thank you,
0
Comment
Question by:jwestbulldog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:jwestbulldog
ID: 21857336
Some clarification:

I can connect to the SSH server from inside the network on port 3000 , so that should rule out server settings or bad username/password.
I'm pretty sure it's firewall related - but access list is set to pass traffic through on port 3000.

Thanks,
0
 
LVL 29

Expert Comment

by:Michael Worsham
ID: 21857428
0
 

Accepted Solution

by:
jwestbulldog earned 0 total points
ID: 21859726
Fixed it.
The PIX's xlate table had no entry for the internal server. Pinging OUT from that server created the xlate entry and the incoming SFTP connections started working.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Resource timeout across a VPN 9 61
TZ400 2 41
Cisco SRST questions 5 53
VHDx Hyper V bad performance different locations 9 45
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question